Top 17 keys 70-294 for IT candidates (69 to 85)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 70-294 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/70-294-dumps.html


70-294 Product Description:
Exam Number/Code: 70-294 vce
Exam name: MCSE Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 AD Infrastructure
n questions with full explanations
Certification: Microsoft Certification
Last updated on Global synchronizing

Instant Access to Free VCE Files: Microsoft 70-294 MCSE Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 AD Infrastructure

70-294 examcollection

Question No. 69

You are the network administrator for Blue Yonder Airlines. The company has offices in Toronto, New York, and Chicago. The network connections are shown in the exhibit. (Click the Exhibit button.) 

The network consists of two Active Directory domains. User objects for users in the Toronto office and the New York office are stored in the blueyonderairlines.com domain. User objects for users in the Chicago office are stored in the production.blueyonderairlines.com domain. Active Directory is configured as shown in the following table. 

Users in the New York office frequently report that they cannot log on to the network, or that logging on takes a very long time. You notice increased global catalog queries to servers in the Toronto office during peak logon times. 

You need to improve logon performance for users in the New York office without increasing WAN traffic that is due to replication. 

What should you do? 


A. Install an additional domain controller in the New York office. 

B. Configure Active Directory to cache universal group memberships for the New York office. 

C. Configure Active Directory to cache universal group memberships for the Toronto office. 

D. Configure the domain controller in the New York office as a global catalog server. 

Answer:


Question No. 70

You have a single Active Directory service domain. All users are located in an organizational unit (OU) named ContosoUsers. All client computer accounts are located in an OU named ContosoComputers. 

You need to deploy a new application to all users. The application shortcut must be available the next time the users log on. What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.) 

A. Create a Group Policy object (GPO) to publish the application. Link the GPO to the ContosoComputers OU. 

B. Create a Group Policy object (GPO) to assign the application. Link the GPO to the ContosoComputers OU. 

C. Create a Group Policy object (GPO) to publish the application. Link the GPO to the ContosoUsers OU. 

D. Create a Group Policy object (GPO) to assign the application. Link the GPO to the ContosoUsers OU. 

Answer: BD 


Question No. 71

You have a single Active Directory service domain. You use a Group Policy object (GPO) to apply security settings to your client computers. 

You configure the startup type for system services settings in a new GPO, and you link the GPO to an organizational unit(OU). 

You discover that the startup type for system services on one of the client computers has not been updated. 

You need to ensure that the Group policy settings are applied to the client computer. 

What should you do ? 

A. Restart the client computer. 

B. Instruct the user to log off and then log on to the client computer. 

C. On the client computer, run the Gpupdate.exe command with /Force parameter. 

D. On the client computer, run the Gpupdate.exe command with /Target:computer parameter. 

Answer:


Question No. 72

You are the network administrator for your company. The network consists of a single Active Directory domain. The company's written domain administration policy requires that help desk employees must have the ability to reset passwords. The help desk employees must be able to reset passwords for all user accounts except for members of the Domain Admins global group and members of the Executives global group. The help desk employees must not have any other administrative rights in the domain. All help desk employees are members of the Help Desk global group. All members of the Domain Admins group are located in an organizational unit (OU) named AdminsOU. All members of the Executives group are located in an OU named ExecutiveOU. All other user accounts are located in an OU named EmployeesOU. The relevant portion of the OU design for the domain is shown in the exhibit. (Click the Exhibit button.) You need to configure the permissions for the help desk employees as defined by the written domain administration policy. What should you do? 


A. Assign the Help Desk global group the right to reset passwords in the OU named AllUsersOU. 

B. Assign the Help Desk global group the right to reset passwords in the OU named EmployeesOU. 

C. Assign the Help Desk global group the right to manage user accounts at the domain level. Deny the help desk employees the right to reset passwords in the OU named AdminsOU and the OU named ExecutiveOU. 

D. Assign the Help Desk global group the right to manage user accounts in the OU named AllUsersOU. Block the inheritance of permissions at the OU named AdminsOU and the OU named ExecutiveOU. 

Answer:


Question No. 73

You are the network administrator for your company. Your network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. All computer accounts for the client computers are located in an organizational unit (OU) named Computer Accounts. All user accounts are located in an OU named User Accounts. Software Update Services (SUS) is installed on your network. The SUS infrastructure is shown in the exhibit. (Click the Exhibit button.) Updates that are deployed must not cause any conflicts or errors on the client computers. You need to configure the client computers to download approved updates from the correct server. Which two actions should you take? (Each correct answer presents part of the solution. Choose two.) 


A. Create a Group Policy object (GPO) to set the default package location to be the internal interface of the firewall. 

B. Create a Group Policy object (GPO) to set the update service location to be the Microsoft Windows Update server. 

C. Create a Group Policy object (GPO) to set the update service location to be the child SUS server. 

D. Create a Group Policy object (GPO) to set the default package location to be the child SUS server. 

E. Link the Group Policy object (GPO) to the User Accounts OU. 

F. Link the Group Policy object (GPO) to the Computer Accounts OU. 

Answer: CF 


70-294 actual test

Question No. 74

You are the network administrator for your company. The network consists of a single Active Directory domain. The company has an office in San Diego, which is configured as a single Active Directory site. The company has 500 users. The company opens a new office in Los Angeles, which employs 50 users. A T1 line connects both offices. You configure the Los Angeles office as a single site. You create a subnet object for the Los Angeles office. In the Los Angeles office, you install and configure a server named DC1 as a domain controller and global catalog server. You configure the Los Angeles site to use DC1 and the Los Angeles subnet object. You configure a site link that connects the site in San Diego and the site in Los Angeles. You need to ensure that client computers in Los Angeles connect to DC1 for authentication. You also need to ensure that changes to the domain are replicated as soon as possible. What should you do? 

A. Configure the interval for the site link to its minimum value. 

B. Create an RPC-based connection object at each of the two sites. 

C. Remove the Los Angeles site and move DC1 and the Los Angeles subnet object to the San Diego site. 

D. Create a site link bridge between the two sites. 

Answer:


Question No. 75

You are the network administrator for Consolidated Messenger. The network consists of a single Active Directory forest that contains three domains named consolidatedmessenger.com, childl.consolidatedmessenger.com, and child2.consolidatedmessenger.com. The functional level of the forest is Windows Server 2003. 

Both the childl.consolidatedmessenger.com domain and the child2.consotidatedmessenger.com domain contain user accounts of users in the accounting department. All accounting users need to access resources in both child domains. 

You need to ensure that all accounting users can access the appropriate resources. You want to restrict administrators in the child domains to managing the access requirements for user accounts in their domain. You also want to minimize global catalog replication. 

What should you do? 

A. . Create a domain local group in the consolidatedmessenger.com domain. 

. Add the user accounts for accounting users in both child domains to the domain local group. 

B. . Create a universal group in the consolidatedmessenger.com domain. 

. Add all user accounts for accounting users in both child domains to the universal group. 

C. . Create a global group named All_Accounting in each child domain. 

. Add all user accounts for accounting users in a domain to the All_Accounting group for that domain. 

. Create a domain local group in the consolidatedmessenger.com domain. 

. Add both All_Accounting groups to the domain local group. 

D. . Create a global group named All_Accounting in each child domain. 

. Add all user accounts for accounting users in a domain to the All_Accounting group for that domain. 

. Create a universal group in the consolidatedmessenger.com domain. 

. Add both All_Accounting groups to the universal group. 

Answer:


Question No. 76

You have a single Active Directory service domain. You use Group Policy for software installation. You need to find out why a Group Policy object (GPO) is not being applied to a specific user account. What should you do? 

A. View the Userenv log file on the users computer. 

B. View the Security event log on the users computer. 

C. View the Userenv log file on the domain controller against which the user is authenticating. 

D. View the Security event log on the domain controller against which the user is authenticating. 

Answer:


Question No. 77

You are the network administrator for your company. The network structure is shown in the exhibit. (Click the Exhibit button.) 


The functional level of both forests is Windows Server 2003. All three domains are Active Directory domains. 

Domain3 contains a computer named Server1. A shared folder on Server1 is named Share1. Users in an organizational unit (OU) named Accounts in Domain2 need access to Share1. However, whenever the users in the Accounts OU attempt to connect to Share1, they receive an error message stating that access was denied. 

You need to ensure that users in the Accounts OU can connect to Share1. What should you do? 

A. Create a shared folder in the Accounts OU for \\Server1\Share1. 

B. Create a one-way external trust relationship in which Domain2 trusts Domain3. 

C. Create global security group in Domain2 that includes all users in the Accounts OU. Create a domain local security group in Domain3. Grant access to \\Server1\Share1 to the domain local security group. Make the global security group a member of the domain local security group. 

D. Create a universal distribution group in Domain2 that includes all users in the Accounts OU. Create a domain local security group in Domain3. Grant access to \\Server1\Share1 to the domain local security group. Make the universal distribution group a member of the domain local security group. 

Answer:


Question No. 78

You have a single Active Directory service domain. All domain controllers run Windows Server 2003. 

You are configuring a software restriction policy. 

You need to allow users to run only a defined set of executables. 

What should you do? 

A. Set the default security level to Unrestricted. Define additional rules. 

B. Set the default security level to Disallowed. Define additional rules. 

C. Set the default security level to Unrestricted. Define designated file types. 

D. Set the default security level to Disallowed. Define enforcement options. 

Answer:


70-294 exam answers

Question No. 79

CORRECT TEXT 

Activate Universal Group Membership caching on the Site Cairo and ensure that they replicated only with the GC in London. What should you do? 

Answer: 


Question No. 80

You are the network administrator for your company. The network consists of a single Active Directory domain with two sites named Site1 and Site2. Site1 contains two domain controllers. Site2 contains one domain controller. Each site contains two member servers. All domain controllers are backed up every night. 

Each of the domain controllers is installed with a similar hardware configuration, which includes a single processor and a single hard disk. 

You create several user accounts on the domain controller in Site2. The hard disk on that domain controller fails. You install a new hard disk on the domain controller and restore the domain controller from the most recent backup tape. You notice that the new user accounts you created on the domain controller do not appear. The only way that you can restore the user accounts is to re-create them. 

You need to configure the domain controllers so that the loss of data in Active Directory is minimized during a similar hard disk failure. What should you do? 

A. Install an additional hard disk in each domain controller. Move the Active Directory database file to the new hard disk. 

B. Install an additional hard disk in each domain controller. Move the Active Directory log files to the new hard disk. 

C. Configure an existing member server as an additional domain controller in Site2. 

D. Configure a new site link between Site1 and Site2. 

Answer:


Question No. 81

CORRECT TEXT 

You are the network administrator of your company. The network consists of a single Active Directory domain. A server named Server1 functions as a domain controller server. 

All computer and user account of the human resources (HR) department are located in an organizational unit (OU) named HR. Your company uses a Group Policy object (GPO) named HRGPO to centrally apply security settings to the HR OU. For security reasons, you deploy smart cards to the HR department's computers. 

You need to ensure the user who uses the interactive logons to log on to HR computer must use a smart card. 

You need configure Server1 by using the least amount of administrative effort. Your operation must not affect other settings. 

Answer: 


Question No. 82

DRAG DROP 

You are the network administrator for your company. The network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2003. The domain is shown in the exhibit. (Click the Exhibit button.) 

Replication is scheduled to take place once per day. 

Each server is fully backed up daily. You connect to Server1 and create seven logon scripts in the Default Domain Policy Group Policy object (GPO). 

Three days later, an administrator in Tel Aviv inadvertently corrupts the scripts on Server3. Ten minutes later, you successfully make changes to one of the logon scripts on Server1. 

You need to make the latest version of the logon scripts available to users in Tel Aviv as soon as possible. What should you do? 

To answer, drag the action that you should perform first to the First Action box. Continue dragging actions to the corresponding numbered boxes until you list all required actions in the correct order. You might not need to use all numbered boxes. 


Answer: 


Question No. 83

CORRECT TEXT 

You are the network administrator for your company. Your company has two forests, one in London and one in Paris. The London forest consists of a domain named contoso.com, and the domain controller is named Server1. The Paris forest consists of a domain named treyresearch.com, and the domain controller is named Server2. A two-way forest trust relationship exists between the two forests. 

Most users of contoso.com are used to access the resource in treyresearch.com. You configured a universal group named AccessGroup in contoso.com, and include the user accounts which need to access the treyresearch.com. 

You need to create a group named Group1 to store AccessGroup, and ensure that the members of Group1 are able to access the resources in treyresearch.com. You must accomplish this task by using the New Object - Group dialog box. Your operation must not affect other settings. 

Create a Global Security Group named Group1 on t 

Answer: 


Question No. 84

You have a single Active Directory service domain. You configure security settings for your client computers in a new Group Policy object (GPO), and you link the GPO to an organizational unit (OU). A new computer is moved to the OU. The Group Policy settings are not being applied to the new computer. You need to find out why the Group Policy settings are not being applied to the new computer. What should you do? 

A. Use RSoP in logging mode. 

B. Use the Local Security Policy snap-in. 

C. Run the GPResult.exe command on the domain controller. 

D. Run the Gpupdate.exe command on the domain controller. 

Answer:


Question No. 85

You are a network administrator for your company. The network consists of a single Active Directory forest that contains one domain. The company has its main office and one branch office in San Francisco. The company has additional branch offices in Chicago, New York, and Toronto. Administrators at the main office are responsible for managing all objects in the domain. Administrators at each branch office are responsible for managing user and computer objects for employees who work in the same branch office as the administrator. Administrators for the San Francisco branch office are also responsible for managing user and computer objects for employees who work in the main office. These users are managed as a single unit. You want administrators to be authorized to make changes only to the objects for which they are responsible. You need to plan an organizational unit (OU) structure that allows the delegation of required permissions. You want to achieve this goal by using the minimum amount of administrative effort. Which OU structure should you use? 


A. Figure A 

B. Figure B 

C. Figure C 

D. Figure D 

Answer: